Hummel

Forum Replies Created

Viewing 14 posts - 1 through 14 (of 14 total)
  • Author
    Posts
  • in reply to: Need a routing trick #53396

    Hummel
    Member

    Hi,

    have you tried additional FORWARD-Rules to make the internal IP accessible?
    Something like:
    Input: ETH2
    Output: ETH1
    Destination IP: Server-Adress in the ETH1-Subnet

    and vice versa

    Regards,
    hummel

    in reply to: zero shell use TUN or TAP #53392

    Hummel
    Member

    Hi,
    you can change the default settings via patching the configuration file in Pre-boot.
    Here you will find more information:

    https://www.zeroshell.org/forum/viewtopic.php?t=4521

    Why you want to change it?

    in reply to: getting "VPN process has not started" when doing #53391

    Hummel
    Member

    Hi jjk_saji,

    first of all you can have a Look in the Logs. Most of the Problems you can solve with this.

    I connected different Networks via th OpenVPN LAN-to-LAN service and it works fine. I use PSK to authenticate.

    If there is the status: “VPN Process has not startet” it is mostly a syntax error of additional options. They appear in the Log.

    Please post your configuration and Logs, because nobody will understand your Problem without.

    Cheers,
    hummel

    in reply to: OpenVPN LAN-to-LAN Routing #53224

    Hummel
    Member

    Hi,

    i realized it via static routes to the backround-networks of the other site.
    works fine 🙂

    in reply to: OpenVPN: fixed Ip for Client, allow only one connection! #53382

    Hummel
    Member

    I found a solution for my problem:

    I deleted the keepalive command from the “vpn_start”-file and added in the command line:

    –ping 10
    –push ping-exit 25

    If Client A connects and Client B afterwards, only Client B will receive the ping from the Server every 10s. Client A gets no more pings an disconnects himself.

    Additionally i found out:
    If you are in use of user-specified file in the ccd-directory and have an “inactive” command this will not be affected by these changes.

    thank you redfive for the essential hint 😀


    Hummel
    Member

    extension:

    If both Clients are still active, they are switching the connection between them. e.g. keepalive 5 60 = every 60s the other client connects again…


    Hummel
    Member

    Ok, got it!
    Thank you… easy way, if you know howto 🙂

    It works, but i have the same problem as before… i can connect with the same account from both Pcs. the latest Connection is now the only one which is working. If I connect with Pc A and afterwards with Pc B with the same Client.conf, then I can ping the VPN-Network only with Pc B. On Pc A i get a “Destination Host Unreachable”-warning from the point, when Pc B connects but the VPN-Client on Pc A appears still connected! I think for the most of the client users this will appear as a connection error…

    Is there any way to “kick” the duplicated clients or not to let same client connect if another connection is already established?

    thanks in advance!


    Hummel
    Member

    Hey Redfive,
    thank you for your comment!

    Can you tell me what (and how 😉 ) i have to add in the pre-boot?
    Never done this before….

    Thanks a lot!

    in reply to: OpenVPN: fixed Ip for Client, allow only one connection! #53376

    Hummel
    Member

    hello,

    i tried to add the Option “–duplicate-cn no” to the Command line in zeroshell, but connection from both pc´s is still possible…

    i there any way to remove the option “–duplicate-cn” from the server-config file on the zs?


    Hummel
    Member

    Hi,
    i would request the same feature for the Firewall.
    I do the acces control for a lot of VPN-Clients via the firewall… sometimes i´ts hard to retain the overview 😯

    Would be nice! Thank you!

    in reply to: Need help installing ZS3.0 on hard disk #53285

    Hummel
    Member

    Thanks for your Reply.

    I tried your option, but grub reports the “unknown filesystem” error again…

    I don´t know where i am wrong in this case…
    🙄

    in reply to: Fixed IP´s for OpenVPN-Clients #53004

    Hummel
    Member

    Thank you redfive,
    but I think you´re right.. the connection data must be strictly personal.
    do you know a good Manual for handling iptables? i have no experience with that…

    greetings

    in reply to: Fixed IP´s for OpenVPN-Clients #53002

    Hummel
    Member

    i have registered an new Problem…

    I can connect the Openvpn as a user and get the fixed user-IP and stay connected. While this I am able to connect the same user from another Pc, and get the same OpenVPN-IP……
    How is that possible, or how can i solve this Problem?

    I wan t only one Connection per user to be allowed…

    in reply to: Fixed IP´s for OpenVPN-Clients #53001

    Hummel
    Member

    Hey redfive,
    thanks a lot for your answer.

    I tried a lot of times to solve the MITM-Warning, but was not able to handle that Problem… 😮

    My Question to your configuration is: How do you log in OpenVPN?
    I created a Kerberos 5 realm and log in with “user@domain” and password… then I get an ip from the Pool I specified in Zeroshell-Web-Platform.

    When I log in with “user” and password, then i get the ip from the user-specific ccd-File.

    I don´tknow what the Kerberos realm is for in this situation?

    Edit:
    I changed the Zeroshell from “X.509 & Password” to “only X.509” – Authentication and everything works fine, fast and without Warning

Viewing 14 posts - 1 through 14 (of 14 total)